1
0
mirror of https://github.com/vrana/adminer.git synced 2025-08-30 01:30:12 +02:00

Remove suppressing errors while reading local files with file_get_contents (issue #1)

This commit is contained in:
Peter Knut
2024-10-07 13:32:24 +02:00
parent 8ac486a57c
commit a494827dc5
2 changed files with 19 additions and 11 deletions

View File

@@ -105,8 +105,11 @@ function add_invalid_login() {
function check_invalid_login() {
global $adminer;
$invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
$invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : array());
$filename = get_temp_dir() . "/adminer.invalid";
$invalids = file_exists($filename) ? unserialize(file_get_contents($filename)) : [];
$invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : []);
$next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
if ($next_attempt > 0) { //! do the same with permanent login
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));

View File

@@ -1244,23 +1244,28 @@ function file_write_unlock($fp, $data) {
fclose($fp);
}
/** Read password from file adminer.key in temporary directory or create one
* @param bool
* @return string or false if the file can not be created
*/
/**
* Reads password from file adminer.key in temporary directory or create one.
*
* @param $create bool
* @return string|false Returns false if the file can not be created.
*/
function password_file($create) {
$filename = get_temp_dir() . "/adminer.key";
$return = @file_get_contents($filename); // @ - may not exist
$return = file_exists($filename) ? file_get_contents($filename) : false;
if ($return || !$create) {
return $return;
}
$fp = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic
if ($fp) {
$file = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic
if ($file) {
chmod($filename, 0660);
$return = rand_string();
fwrite($fp, $return);
fclose($fp);
fwrite($file, $return);
fclose($file);
}
return $return;
}